CVE-2025-29429

Name of the Vulnerable Software and Affected Versions Code-projects Online Class and Exam Scheduling System version 1.0

Description The issue concerns Cross Site Scripting (XSS) in the /pages/program.php endpoint via the id, code, and name parameters. This allows for potential malicious script execution.

Recommendations For Code-projects Online Class and Exam Scheduling System version 1.0, as a temporary workaround, consider restricting access to the /pages/program.php endpoint or sanitizing the id, code, and name parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.